added constraints check to SM2Engine.

Author: dghgit

core/src/main/java/org/bouncycastle/crypto/engines/SM2Engine.java

@@ -4,8 +4,12 @@
 import java.security.SecureRandom;
 
 import org.bouncycastle.crypto.CipherParameters;
+import org.bouncycastle.crypto.CryptoServicesRegistrar;
+import org.bouncycastle.crypto.DataLengthException;
 import org.bouncycastle.crypto.Digest;
 import org.bouncycastle.crypto.InvalidCipherTextException;
+import org.bouncycastle.crypto.constraints.ConstraintUtils;
+import org.bouncycastle.crypto.constraints.DefaultServiceProperties;
 import org.bouncycastle.crypto.digests.SM3Digest;
 import org.bouncycastle.crypto.params.ECDomainParameters;
 import org.bouncycastle.crypto.params.ECKeyParameters;
@@ -91,6 +95,8 @@ public void init(boolean forEncryption, CipherParameters param)
         }
 
         curveLength = (ecParams.getCurve().getFieldSize() + 7) / 8;
+
+        CryptoServicesRegistrar.checkConstraints(new DefaultServiceProperties("SM2", ConstraintUtils.bitsOfSecurityFor(ecParams.getCurve()), ecKey, Utils.getPurpose(forEncryption)));
     }
 
     public byte[] processBlock(
@@ -99,6 +105,11 @@ public byte[] processBlock(
         int inLen)
         throws InvalidCipherTextException
     {
+        if ((inOff + inLen) > in.length || inLen == 0)
+        {
+            throw new DataLengthException("input buffer too short");
+        }
+
         if (forEncryption)
         {
             return encrypt(in, inOff, inLen);

core/src/test/java/org/bouncycastle/crypto/test/CryptoServiceConstraintsTest.java

@@ -4,6 +4,7 @@
 import java.security.SecureRandom;
 import java.util.Collections;
 
+import org.bouncycastle.asn1.x9.ECNamedCurveTable;
 import org.bouncycastle.asn1.x9.X962NamedCurves;
 import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
 import org.bouncycastle.crypto.BasicAgreement;
@@ -44,7 +45,40 @@
 import org.bouncycastle.crypto.digests.SHA3Digest;
 import org.bouncycastle.crypto.digests.SHA512Digest;
 import org.bouncycastle.crypto.digests.SHAKEDigest;
-import org.bouncycastle.crypto.engines.*;
+import org.bouncycastle.crypto.engines.AESEngine;
+import org.bouncycastle.crypto.engines.AESFastEngine;
+import org.bouncycastle.crypto.engines.AESLightEngine;
+import org.bouncycastle.crypto.engines.BlowfishEngine;
+import org.bouncycastle.crypto.engines.CAST5Engine;
+import org.bouncycastle.crypto.engines.CamelliaEngine;
+import org.bouncycastle.crypto.engines.CamelliaLightEngine;
+import org.bouncycastle.crypto.engines.ChaCha7539Engine;
+import org.bouncycastle.crypto.engines.ChaChaEngine;
+import org.bouncycastle.crypto.engines.DESEngine;
+import org.bouncycastle.crypto.engines.DESedeEngine;
+import org.bouncycastle.crypto.engines.ElGamalEngine;
+import org.bouncycastle.crypto.engines.HC128Engine;
+import org.bouncycastle.crypto.engines.HC256Engine;
+import org.bouncycastle.crypto.engines.IDEAEngine;
+import org.bouncycastle.crypto.engines.RC4Engine;
+import org.bouncycastle.crypto.engines.RC532Engine;
+import org.bouncycastle.crypto.engines.RC564Engine;
+import org.bouncycastle.crypto.engines.RSAEngine;
+import org.bouncycastle.crypto.engines.RijndaelEngine;
+import org.bouncycastle.crypto.engines.SM2Engine;
+import org.bouncycastle.crypto.engines.SM4Engine;
+import org.bouncycastle.crypto.engines.Salsa20Engine;
+import org.bouncycastle.crypto.engines.SerpentEngine;
+import org.bouncycastle.crypto.engines.SkipjackEngine;
+import org.bouncycastle.crypto.engines.TEAEngine;
+import org.bouncycastle.crypto.engines.ThreefishEngine;
+import org.bouncycastle.crypto.engines.TnepresEngine;
+import org.bouncycastle.crypto.engines.TwofishEngine;
+import org.bouncycastle.crypto.engines.VMPCEngine;
+import org.bouncycastle.crypto.engines.VMPCKSA3Engine;
+import org.bouncycastle.crypto.engines.XSalsa20Engine;
+import org.bouncycastle.crypto.engines.Zuc128Engine;
+import org.bouncycastle.crypto.engines.Zuc256Engine;
 import org.bouncycastle.crypto.generators.DESKeyGenerator;
 import org.bouncycastle.crypto.generators.DESedeKeyGenerator;
 import org.bouncycastle.crypto.generators.DHBasicKeyPairGenerator;
@@ -90,6 +124,7 @@
 import org.bouncycastle.crypto.params.MQVPrivateParameters;
 import org.bouncycastle.crypto.params.MQVPublicParameters;
 import org.bouncycastle.crypto.params.ParametersWithIV;
+import org.bouncycastle.crypto.params.ParametersWithRandom;
 import org.bouncycastle.crypto.params.ParametersWithUKM;
 import org.bouncycastle.crypto.params.RC5Parameters;
 import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
@@ -167,6 +202,7 @@ public void performTest()
         testRSA();
         testRsaKEM();
         testECIESKEM();
+        testSM2Cipher();
         testSM4();
         testTEA();
         testThreefish();
@@ -1851,6 +1887,33 @@ private void testHC128AndHC256()
         CryptoServicesRegistrar.setServicesConstraints(null);
     }
 
+    private void testSM2Cipher()
+    {
+        SecureRandom random = new SecureRandom();
+        ECKeyPairGenerator kpGen = new ECKeyPairGenerator();
+
+        kpGen.init(new ECKeyGenerationParameters(new ECDomainParameters(ECNamedCurveTable.getByName("P-256")), random));
+
+        AsymmetricCipherKeyPair kp = kpGen.generateKeyPair();
+
+        CryptoServicesRegistrar.setServicesConstraints(new LegacyBitsOfSecurityConstraint(256, 128));
+        SM2Engine engine = new SM2Engine();
+        try
+        {
+            engine.init(true, new ParametersWithRandom(kp.getPublic(), random));
+            fail("no exception!");
+        }
+        catch (CryptoServiceConstraintsException e)
+        {
+            isEquals(e.getMessage(),"service does not provide 256 bits of security only 128", e.getMessage());
+        }
+
+        // decryption should be okay
+        engine.init(false, kp.getPrivate());
+        
+        CryptoServicesRegistrar.setServicesConstraints(null);
+    }
+
     public static void main(
         String[] args)
     {

core/src/test/java/org/bouncycastle/crypto/test/SM2EngineTest.java

@@ -3,6 +3,7 @@
 import java.math.BigInteger;
 
 import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
+import org.bouncycastle.crypto.DataLengthException;
 import org.bouncycastle.crypto.InvalidCipherTextException;
 import org.bouncycastle.crypto.engines.SM2Engine;
 import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
@@ -233,12 +234,64 @@ private void doEngineTestF2m()
         isTrue("f2m dec wrong", Arrays.areEqual(m, dec));
     }
 
+    public void doDudInputTest()
+        throws Exception
+    {
+        BigInteger SM2_ECC_A = new BigInteger("00", 16);
+        BigInteger SM2_ECC_B = new BigInteger("E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B", 16);
+        BigInteger SM2_ECC_N = new BigInteger("7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBC972CF7E6B6F900945B3C6A0CF6161D", 16);
+        BigInteger SM2_ECC_H = BigInteger.valueOf(4);
+        BigInteger SM2_ECC_GX = new BigInteger("00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD", 16);
+        BigInteger SM2_ECC_GY = new BigInteger("013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E", 16);
+
+        ECCurve curve = new ECCurve.F2m(257, 12, SM2_ECC_A, SM2_ECC_B, SM2_ECC_N, SM2_ECC_H);
+
+        ECPoint g = curve.createPoint(SM2_ECC_GX, SM2_ECC_GY);
+        ECDomainParameters domainParams = new ECDomainParameters(curve, g, SM2_ECC_N, SM2_ECC_H);
+
+        ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator();
+
+        ECKeyGenerationParameters aKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("56A270D17377AA9A367CFA82E46FA5267713A9B91101D0777B07FCE018C757EB", 16));
+
+        keyPairGenerator.init(aKeyGenParams);
+
+        AsymmetricCipherKeyPair aKp = keyPairGenerator.generateKeyPair();
+
+        ECPublicKeyParameters aPub = (ECPublicKeyParameters)aKp.getPublic();
+        ECPrivateKeyParameters aPriv = (ECPrivateKeyParameters)aKp.getPrivate();
+
+        SM2Engine sm2Engine = new SM2Engine();
+
+        // zero length input
+        try
+        {
+            sm2Engine.processBlock(new byte[0], 0, 0);
+            fail("no expection");
+        }
+        catch (DataLengthException e)
+        {
+            isEquals("input buffer too short", e.getMessage());
+        }
+        
+        // buffer too small
+        try
+        {
+            sm2Engine.processBlock(new byte[1], 0, 2);
+            fail("no expection");
+        }
+        catch (DataLengthException e)
+        {
+            isEquals("input buffer too short", e.getMessage());
+        }
+    }
+
     public void performTest()
         throws Exception
     {
         doEngineTestFp();
         doEngineTestF2m();
         doEngineTestFpC1C3C2();
+        doDudInputTest();
     }
 
     public static void main(String[] args)